21
Enhancements
Release R.11.12 Enhancements
Configuring DHCP Snooping Trusted Ports
By default, all ports are untrusted. To configure a port or range of ports as trusted, enter this
command:
ProCurve(config)# dhcp-snooping trust <port-list>
You can also use this command in the interface context, in which case you are not able to enter a list
of ports.
DHCP server packets are forwarded only if received on a trusted port; DHCP server packets received
on an untrusted port are dropped.
ProCurve(config)# dhcp-snooping trust B1-B2
ProCurve(config)# show dhcp-snooping
DHCP Snooping Information
DHCP Snooping : Yes
Enabled Vlans : 4
Verify MAC : Yes
Option 82 untrusted policy : drop
Option 82 Insertion : Yes
Option 82 remote-id : mac
Store lease database : Not configured
Port Trust
----- -----
B1 Yes
B2 Yes
B3 No
Use the no form of the command to remove the trusted configuration from a port.
Configuring Authorized Server Addresses
If authorized server addresses are configured, a packet from a DHCP server must be received on a
trusted port AND have a source address in the authorized server list in order to be considered valid.
If no authorized servers are configured, all servers are considered valid. You can configure a
maximum of 20 authorized servers.
To Next Page
Loading...
